Software Patches and Fixes Are Like Whack-a-Mole. Fix a Flaw and Another Jumps Up to be Exploited.

Dec 19


Ever hear the phrase we can fix it in beta? Sean Kalinich, in his piece on, observes this has been a common practice with software companies. However, fixing and patching flaws after a rollout makes problems with exploits that much worse.

(Too) many companies allow software and devices to be released to the world without proper testing. The intention is usually there to patch these flaws, but by the time they get around to it, someone else has discovered them and we have new malware on the streets.

What is even more interesting is the fact that when companies do fix holes in their software, all that does is start the conversation again. Right after Oracle updated Java to patch a number of flaws, I was told about a “discussion” of exploits and flaws for Java. Some of these were over five years old and were still functional, while others were new. From what I was told, this is very normal and appears to confirm a suspicion that I have had for a while: if an exploit is not made public or is not widely used, no effort is made to patch it. There also appears to be a big malware push right after an update is released, so that they can reach more people before everyone can update their software.

Between flaws in operating systems, plug-ins and bad user habits, the malware writers have a very easy time of it. To give you a simple example, during a recent malware outbreak one user actually stated: “It was a weird email so I opened it to see what it was”. (To quote that world-renowned savant, Bugs Bunny, “What a maroon!”)

The user clearly knew it was out of the ordinary, but opened it anyway and caused a serious amount of damage to the network. The same user never reported the initial infection, but just moved to another computer. They only reported that their files appeared to be corrupted. By the time anyone was made aware of the infection it was hours later and additional files had been damaged.

This type of scenario is repeated daily around the world, and not just with malware that is visible. If someone installs malware on a system that is designed to hide and gather information, it could remain unnoticed for a long time.

The people that are behind the spread of malware know these patterns and exploit them just as much as they do flaws in software and hardware. This makes stopping malware impossible and even makes slowing it down a tall order.

ThreatMetrix secures Web transactions against account takeover, payment fraud, identity spoofing, malware, and data breaches. The ThreatMetrix Global Trust Intelligence Network, which analyzes 500 million monthly transactions, provides context-based authentication and Web fraud prevention to help companies accelerate revenue, reduce costs and eliminate friction. ThreatMetrix protects more than 1,900 customers and 9,000 websites across a variety of industries, including financial services, enterprise, e-commerce, payments, social networks, government, and insurance. For more information, visit or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blog, Facebook, LinkedIn and Twitter pages.

